Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/hiAVbhcO1TwVpozBkcEWuw9CQcA.roa
File: hiAVbhcO1TwVpozBkcEWuw9CQcA.roa (raw, json)
Hash identifier: cM6xE/ZqL2V37JUXZnVYtBWEG50dOsPtinGWqXaIJmw=
Subject key identifier: 86:20:15:6E:17:0E:D5:3C:15:A6:8C:C1:91:C1:16:BB:0F:42:41:C0
Certificate issuer: /CN=ec5fdf6a51b98091e9ec7bdfaf483ec7743a5a25
Certificate serial: 019421B1906D32617FDE8E0E50FAA3A897F3
Authority key identifier: EC:5F:DF:6A:51:B9:80:91:E9:EC:7B:DF:AF:48:3E:C7:74:3A:5A:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7F_falG5gJHp7Hvfr0g-x3Q6WiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/hiAVbhcO1TwVpozBkcEWuw9CQcA.roa
Signing time: Wed 01 Jan 2025 11:47:52 +0000
ROA not before: Wed 01 Jan 2025 11:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42000
IP address blocks: 185.216.220.0/22 maxlen: 22
2a0b:bdc0::/29 maxlen: 29
2a0b:bdc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:90:6d:32:61:7f:de:8e:0e:50:fa:a3:a8:97:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec5fdf6a51b98091e9ec7bdfaf483ec7743a5a25
Validity
Not Before: Jan 1 11:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8620156e170ed53c15a68cc191c116bb0f4241c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:56:dc:49:81:34:64:10:ea:01:43:06:54:3a:
94:de:b5:06:6a:88:62:94:90:15:d8:0b:2b:45:a3:
d5:00:c4:19:fc:31:40:e7:fe:de:84:60:91:6b:4f:
a7:84:cb:32:cf:9e:d6:7b:b3:25:f1:3a:5f:5d:5d:
1d:36:68:1c:fe:e8:8a:25:f9:52:3a:4f:7f:ec:02:
51:ed:0b:80:55:ed:bb:bc:0a:0a:09:71:56:bd:0d:
a3:75:2f:0a:a5:14:44:56:02:07:ad:5b:8b:6f:89:
07:e4:ba:97:f8:8d:8f:40:c5:17:d7:dd:8a:09:19:
68:0d:56:d1:29:7e:45:d5:52:68:f5:60:c7:5f:07:
06:76:d5:88:12:42:38:f3:4d:30:f3:20:2d:42:b3:
a6:4f:16:be:5d:66:cc:1b:2f:60:f8:b5:4a:ad:7d:
c0:45:90:ce:98:b9:03:54:e1:28:ec:a0:5f:93:7c:
dc:35:73:b6:47:15:13:b5:ae:55:62:3e:53:83:a4:
3d:d4:cf:af:9c:f8:2c:77:98:3f:4c:65:be:01:11:
29:09:45:69:a6:c1:41:67:b3:a7:36:0d:63:9d:ef:
2b:45:c8:ae:d1:8f:28:e5:6a:9e:cb:c5:7e:43:6c:
19:3a:8c:31:c8:af:78:f1:e0:8f:14:4d:b9:c1:f0:
37:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:20:15:6E:17:0E:D5:3C:15:A6:8C:C1:91:C1:16:BB:0F:42:41:C0
X509v3 Authority Key Identifier:
keyid:EC:5F:DF:6A:51:B9:80:91:E9:EC:7B:DF:AF:48:3E:C7:74:3A:5A:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7F_falG5gJHp7Hvfr0g-x3Q6WiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/hiAVbhcO1TwVpozBkcEWuw9CQcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/7F_falG5gJHp7Hvfr0g-x3Q6WiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.220.0/22
IPv6:
2a0b:bdc0::/29
Signature Algorithm: sha256WithRSAEncryption
88:56:a7:d0:d9:bd:ff:7b:f9:db:e0:d1:f2:d2:f7:c2:ee:3e:
f3:e9:62:8c:ef:f7:49:3a:43:e5:4f:07:a3:23:4b:0c:da:f7:
60:b3:97:5d:9f:c0:d1:e7:93:78:a6:8e:8e:68:cb:37:9d:34:
7a:ad:fd:54:35:c1:1b:65:58:20:2c:4c:69:75:a1:c9:60:20:
20:a7:9e:06:69:03:70:70:a3:74:53:79:3c:64:15:0e:22:ae:
48:4e:c5:78:c4:32:5f:57:a3:a6:fa:b7:f0:be:33:83:f5:8a:
5e:45:79:d5:ca:2c:97:e6:5c:b2:a2:77:e1:6d:b8:24:3a:47:
a2:b3:6d:50:7d:88:f1:ff:50:73:fd:54:6c:93:db:b7:67:ca:
2f:05:72:45:ae:08:14:45:a2:33:1a:7a:70:db:66:50:0f:72:
69:46:62:6a:61:31:f2:1a:a0:7c:37:33:aa:a8:ea:8e:76:25:
0c:2d:8d:42:83:29:18:2f:bc:82:0f:1f:9b:1f:c9:08:9b:1b:
70:cd:25:54:8b:9d:a5:75:4e:90:31:9e:cd:13:4c:4b:f6:d5:
19:1d:05:cb:39:69:3d:36:f1:8d:f9:a9:83:a1:7d:c4:dc:c6:
d7:f4:07:cf:86:fa:2e:67:61:86:cc:9a:d4:01:48:16:e3:60:
1d:28:86:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsZBtMmF/3o4OUPqjqJfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNWZkZjZhNTFiOTgwOTFlOWVjN2JkZmFmNDgzZWM3NzQz
YTVhMjUwHhcNMjUwMTAxMTE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjIwMTU2ZTE3MGVkNTNjMTVhNjhjYzE5MWMxMTZiYjBmNDI0MWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolbcSYE0ZBDqAUMGVDqU3rUGaohi
lJAV2AsrRaPVAMQZ/DFA5/7ehGCRa0+nhMsyz57We7Ml8TpfXV0dNmgc/uiKJflS
Ok9/7AJR7QuAVe27vAoKCXFWvQ2jdS8KpRREVgIHrVuLb4kH5LqX+I2PQMUX192K
CRloDVbRKX5F1VJo9WDHXwcGdtWIEkI4800w8yAtQrOmTxa+XWbMGy9g+LVKrX3A
RZDOmLkDVOEo7KBfk3zcNXO2RxUTta5VYj5Tg6Q91M+vnPgsd5g/TGW+AREpCUVp
psFBZ7OnNg1jne8rRciu0Y8o5Wqey8V+Q2wZOowxyK948eCPFE25wfA34QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIYgFW4XDtU8FaaMwZHBFrsPQkHAMB8GA1UdIwQY
MBaAFOxf32pRuYCR6ex7369IPsd0OlolMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0ZfZmFsRzVnSkhwN0h2ZnIwZy14M1E2V2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lNmE1NTQtZDk3NC00Mzc3LWJlY2Mt
Y2JmMzQzZGViN2JjLzEvaGlBVmJoY08xVHdWcG96QmtjRVd1dzlDUWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lNmE1NTQtZDk3NC00Mzc3LWJlY2MtY2JmMzQzZGViN2Jj
LzEvN0ZfZmFsRzVnSkhwN0h2ZnIwZy14M1E2V2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudjcMA0E
AgACMAcDBQMqC73AMA0GCSqGSIb3DQEBCwUAA4IBAQCIVqfQ2b3/e/nb4NHy0vfC
7j7z6WKM7/dJOkPlTwejI0sM2vdgs5ddn8DR55N4po6OaMs3nTR6rf1UNcEbZVgg
LExpdaHJYCAgp54GaQNwcKN0U3k8ZBUOIq5ITsV4xDJfV6Om+rfwvjOD9YpeRXnV
yiyX5lyyonfhbbgkOkeis21QfYjx/1Bz/VRsk9u3Z8ovBXJFrggURaIzGnpw22ZQ
D3JpRmJqYTHyGqB8NzOqqOqOdiUMLY1CgykYL7yCDx+bH8kImxtwzSVUi52ldU6Q
MZ7NE0xL9tUZHQXLOWk9NvGN+amDoX3E3MbX9AfPhvouZ2GGzJrUAUgW42AdKIaL
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:40:05 2025 by rpki-client